Re: 答复: [PATCH] USB:Fix kernel NULL pointer when unbind UHCI form vfio-pci

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>
To: WeitaoWang-oc <WeitaoWang-oc@zhaoxin.com>
Cc: Alex Williamson <alex.williamson@redhat.com>,
	"mathias.nyman@linux.intel.com" <mathias.nyman@linux.intel.com>,
	"ulf.hansson@linaro.org" <ulf.hansson@linaro.org>,
	"vkoul@kernel.org" <vkoul@kernel.org>,
	"hslester96@gmail.com" <hslester96@gmail.com>,
	"linux-usb@vger.kernel.org" <linux-usb@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"Carsten_Schmid@mentor.com" <Carsten_Schmid@mentor.com>,
	"efremov@linux.com" <efremov@linux.com>,
	"Tony W. Wang(XA-RD)" <TonyWWang@zhaoxin.com>,
	"Cobe Chen(BJ-RD)" <CobeChen@zhaoxin.com>,
	"Tim Guo(BJ-RD)" <TimGuo@zhaoxin.com>,
	"wwt8723@163.com" <wwt8723@163.com>
Subject: Re: 答复: [PATCH] USB:Fix kernel NULL pointer when unbind UHCI form vfio-pci
Date: Thu, 23 Jul 2020 10:41:31 +0200	[thread overview]
Message-ID: <20200723084131.GA1753458@kroah.com> (raw)
In-Reply-To: <371b3697614e4034aed8e9f340a7dbf1@zhaoxin.com>

On Thu, Jul 23, 2020 at 08:36:25AM +0000, WeitaoWang-oc wrote:
> 
> On Thu,23 July 2020 04:18:00 +0000 Alex wrote:
> > On Wed, 22 Jul 2020 19:57:48 +0800
> > WeitaoWangoc <WeitaoWang-oc@zhaoxin.com> wrote:
> > 
> > >  drivers/usb/core/hcd-pci.c | 5 +++++
> > >  1 file changed, 5 insertions(+)
> > >
> > > diff --git a/drivers/usb/core/hcd-pci.c b/drivers/usb/core/hcd-pci.c
> > > index 1547aa6..484f2a0 100644
> > > --- a/drivers/usb/core/hcd-pci.c
> > > +++ b/drivers/usb/core/hcd-pci.c
> > > @@ -34,6 +34,7 @@ static DECLARE_RWSEM(companions_rwsem);
> > >  #define CL_OHCI                PCI_CLASS_SERIAL_USB_OHCI
> > >  #define CL_EHCI                PCI_CLASS_SERIAL_USB_EHCI
> > >
> > > +#define PCI_DEV_DRV_FLAG       2
> > >  static inline int is_ohci_or_uhci(struct pci_dev *pdev)  {
> > >         return pdev->class == CL_OHCI || pdev->class == CL_UHCI; @@
> > > -68,6 +69,8 @@ static void for_each_companion(struct pci_dev *pdev, struct
> > usb_hcd *hcd,
> > >                 if (companion->class != CL_UHCI && companion->class !=
> > CL_OHCI &&
> > >                                 companion->class != CL_EHCI)
> > >                         continue;
> > > +               if (!(companion->priv_flags & PCI_DEV_DRV_FLAG))
> > 
> > But pci_dev.priv_flags is private data for the driver that currently
> > owns the device, which could be vfio-pci.  This is really no different
> > than assuming the structure at device.driver_data.  If vfio-pci were to
> > make legitimate use of pci_dev.priv_flags, this could simply blow up
> > again.  Should there instead be some sort of registration interface
> > where hcd complaint drivers register their devices and only those
> > registered devices can have their driver private data arbitrarily poked
> > by another driver?  Thanks,
> 
> Thanks for your explanation. Set pci_dev.priv_flags is really not a 
> reasonable approach. Are there any more detailed suggestions 
> to patch this issue?

This is not a kernel issue, it is a "do not do this in this way from
userspace" issue :)

thanks,

greg k-h

     prev parent reply	other threads:[~2020-07-23  8:41 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-22 11:57 [PATCH] USB:Fix kernel NULL pointer when unbind UHCI form vfio-pci WeitaoWangoc
2020-07-22 12:44 ` Greg KH
2020-07-22 14:59   ` Alan Stern
2020-07-23  2:59     ` 答复: " Weitao Wang(BJ-RD)
2020-07-23  4:18       ` Alex Williamson
2020-07-23 15:38         ` Alan Stern
2020-07-23 16:17           ` Alex Williamson
2020-07-23 16:38             ` Alan Stern
2020-07-24 12:57               ` 答复: " WeitaoWang-oc
2020-07-24 19:17                 ` Alex Williamson
2020-07-28  5:53                   ` 答复: " WeitaoWang-oc
2020-08-19  3:23               ` TimGuo-oc
2020-07-23  5:25       ` Greg KH
2020-07-23  2:58   ` Weitao Wang(BJ-RD)
2020-07-23  3:53 ` Alex Williamson
2020-07-23  8:36   ` 答复: " WeitaoWang-oc
2020-07-23  8:41     ` gregkh [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200723084131.GA1753458@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=Carsten_Schmid@mentor.com \
    --cc=CobeChen@zhaoxin.com \
    --cc=TimGuo@zhaoxin.com \
    --cc=TonyWWang@zhaoxin.com \
    --cc=WeitaoWang-oc@zhaoxin.com \
    --cc=alex.williamson@redhat.com \
    --cc=efremov@linux.com \
    --cc=hslester96@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-usb@vger.kernel.org \
    --cc=mathias.nyman@linux.intel.com \
    --cc=ulf.hansson@linaro.org \
    --cc=vkoul@kernel.org \
    --cc=wwt8723@163.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.